HealthDID: An efficient and authorizable multi-party privacy-preserving EMR sharing system based on DID

Electronic medical record (EMR) sharing is widely acknowledged as a crucial approach for enhancing healthcare quality. However, existing EMR sharing systems face some privacy issues when implementing authorization and supervision, leading to the widespread formation of medical data islands. To addre...

Full description

Saved in:
Bibliographic Details
Published inComputer standards and interfaces Vol. 93; p. 103967
Main Authors Wu, Zuodong, Zhang, Dawei
Format Journal Article
LanguageEnglish
Published Elsevier B.V 01.04.2025
Subjects
Authorization
Batch retrieval
DID
EMR sharing
PSI-payload
Supervision
Authorization
Batch retrieval
EMR sharing
PSI-payload
Supervision
DID
Online AccessGet full text
ISSN0920-5489
DOI10.1016/j.csi.2024.103967

Cover

More Information
Summary:Electronic medical record (EMR) sharing is widely acknowledged as a crucial approach for enhancing healthcare quality. However, existing EMR sharing systems face some privacy issues when implementing authorization and supervision, leading to the widespread formation of medical data islands. To address these issues, we constructed HealthDID, an efficient and authorizable system for multi-party privacy-preserving EMR sharing. Specifically, we first proposed a global identity management method based on Decentralized Identifier (DID) to address the issues of identity unification and authentication in cross-institutional EMR sharing. Then, we proposed a novel authorization method that enabled verification of the authorization proofs without revealing the patients’ identities. Moreover, we proposed a supervised signature method to meet the diverse privacy requirements of doctors while allowing the supervisor to recover the true identities of those suspected. Finally, we utilized Private Set Intersection with Payload (PSI-Payload) technology to support large-scale batch retrieval of EMR. Formal security proofs prove that HealthDID can achieve specified security goals. Theoretical analysis and experimental results show that our system is more efficient than other related works, with lower running time and reasonable communication costs. •A privacy protection system HealthDID enables efficient authorized EMR sharing.•We propose a global identity management method and design two DID identifiers.•Data subject authorization method using NIZK proof and Pedersen Commitment-based DID.•A supervised signature method using Schnorr protocol and Public Key-based DID.•The security analysis and experimental evaluation are well-preserved.
ISSN:0920-5489
DOI:10.1016/j.csi.2024.103967